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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 
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eamed patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 18 June 2008 . 
2a )^ This action is FINAL. 2b)n This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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5) |EI Claim(s) 18-25 is/are allowed. 

6) KI Claim(s) 1-17 is/are rejected. 
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Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held In abeyance. See 37 CFR 1.85(a). 
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DETAILED ACTION 
Response to Amendment 

1 . The amendment filed on 06/18/2008 has been considered for claims 1-25 but is 
ineffective to overcome Droms et al, Donaldson and Fan et al references for claims 1- 
17. Rejection follows. 

2. Claims 1-25 is pending in the application. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or deschbed as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-17 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Droms et al [US Pat: 7,143,435] in view of Donaldson [US Pat: 7,249,175]. 

Regarding claim 1, Droms et al in the invention of "Method and Apparatus for 
Registering Auto-Configured Network Addresses Based on Connection Authentication" 
disclosed a method of developing an access control list, comprising: developing an 
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enhanced access control list (item 146 of Fig 1) including data related to at least one of 
user names (user groups), DNS names (URL), Windows domain names (domain 
names), and physical addresses (col 8, lines 30-62); DNS names into corresponding 
IP addresses according to data in the enhanced access control list (col 9, lines 1-27, 
col 12, lines 50-67, col 13, lines 1-24); and physical addresses (MAC address) into IP 
addresses according to data in the enhanced access control list (col 10, lines 16-32, 
col 12, lines 21-32); and developing the access control list from each of the operations 
of converting (col 9, lines 14-27), but fails to disclose converting at least one of user 
names into corresponding IP address. However, Donaldson in the invention of "Method 
and System for Blocking E-Mail having a Nonexistent Sender Address" disclosed a 
method for converting user names into corresponding IP addresses (convert physical 
interface to logical interface, col 13, lines 25-49). 

Therefore it would have been obvious for one of the ordinary skill in the art at the 
time the invention of made to include the method of converting user names into 
corresponding IP address as taught by Donaldson in the system of Droms et al to covert 
user names and physical addresses into IP addresses. One is motivated as such in 
order to determine an IP address with minimum latency to route an information packet 
based on user name and physical address. 

Regarding claim 2, Droms et al disclosed storing the user names and 
corresponding IP addresses in a mapping state database that defines current 
relationships among user names (col 7, lines 24-35), DNS names, domain names (col 
12, lines 21-32), and physical addresses (col 11, lines 20-28, col 16, lines 1-19). 
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Regarding claims 3, 1 1, Droms et al disclosed that each physical address 
comprises a MAC address (col 10, lines 16-23, col 16, lines 1-19). 

Regarding claims 4, 13, Droms et al disclosed that converting user names into 
corresponding IP and physical addresses according to data in the enhanced 
access control list comprises: detecting login packets (authentication, user ID and 
password) being communicated over the network; determining a MAC address from 
the login packets (col 2, lines 17-25); detecting server message block login packets 
being communicated over the network (col 2, lines 25-37); and determining an IP 
address from the server message block login packets; and developing records in the 
access control list using the obtained IP address for the respective user name (col 2, 
lines 38-52, col 8, lines 30-62). 

Regarding claims 5-6,13-14, Droms et al disclosed converting DNS names into 
corresponding IP addresses according to data in the enhanced access control list 
comprises: detecting packets having an unknown source IP address (col 9, lines 14- 
24); generating a DNS name query using the source IP address (col 9, lines 24-27); 
receiving a DNS name associated with the IP address responsive to the query; and 
developing records in the access control list using the obtained IP address for the 
respective DNS name (col 8, lines 30-62) and occasionally generating new DNS name 
queries for the source IP address and thereafter repeating the operations of receiving 
and developing to update the access control list (col 12, lines 21-33).. 
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Regarding claims 7, 15, Droms et al disclosed occasionally receiving the DNS 
name associated with the IP address and thereafter repeating the operation of 
developing to update the access control list (col 12, lines 66-67, col 13, lines 1-9). 

Regarding claims 8,17, Droms et al disclosed converting physical addresses 
into IP addresses according to data in the enhanced access control list comprises: 
monitoring DHCP packets communicated over the network (col 13, lines 10-15); 
obtaining an IP address assigned to a particular physical address from the monitored 
DHCP packets (col 11, lines 20-24); and developing records in the access control list 
using the obtained IP address assigned to a respective physical address (col 11, lines 
25-36). 

Regarding claims 9-10, Droms et al disclosed a method of controlling access of a 
user to a network including a plurality of hosts coupled together through a network 
switch (item 102 of Fig 1), the method comprising: storing in the network switch an 
enhanced access control list containing data related to at least one of user names (user 
groups, col 7, lines 24-35), DNS names (URL), Windows domain names (domain 
names), and physical addresses (col 9, lines 14-17, col 11, lines 20-28, col 12, lines 
28-31, lines 50-67, col 13, lines 1-24); and generating a dynamic access control list 
from the enhanced access control list, the dynamic access control list containing a 
plurality of IP addresses that restrict access of the user to the network (col 16, lines 21- 
32) and mapping user names to physical addresses; mapping physical addresses to IP 
addresses (col 10, lines 16-32); mapping unknown IP addresses to physical 
addresses; and mapping unknown IP addresses to DNS names (col 8, lines 30-62); 
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and applying rules set forth in the enhanced access control list relating to controlling 
access of a user to the addresses deternnined by the operations of mapping to generate 
the access control list (col 9, lines 9-27), but fails to disclose mapping user names to IP 
addresses. 

However, Donaldson disclosed a method for converting user names into 
corresponding IP addresses (Fig 8, col 13, lines 17-33). 

Therefore it would have been obvious for one of the ordinary skill in the art at the 
time the invention of made to include the method of converting user names into 
corresponding IP address as taught by Donaldson in the system of Droms et al to covert 
user names and physical addresses into IP addresses. One is motivated as such in 
order to determine an IP address with minimum latency to route an information packet 
based on user name and physical address. 

Regarding claims 12, 16, Droms et al disclosed that the mapping user names to 
IP addresses comprises: detecting server message block login packets being 
communicated over the network (col 12, lines 50-67); and determining an IP address 
from the server message block login packets and mapping unknown IP addresses to 
physical addresses comprises detecting packets having an unknown source IP address 
(col 13, lines 1-18). 


Response to Arguments 
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6. Applicant's argument, see remarks, filed on 06/18/2008, with respect to rejection 
of claims 1-17 have been fully considered and is not persuasive for claims 1-17. 

With respect to applicant's argument for claims 1 , 9 dependent claims, that 
Droms does not teach or suggest storing in the network switch enhanced access control 
list including data related to at least one of user names, DNS names, Windows domain 
names, and physical addresses. However, the examiner respectfully disagrees and 
points applicants to the reference, where Droms disclosed a method where gateway 
(item 145 of Fig 1) which stores and maintains the access control list checks the source 
IP address in the message sent by the host via the network switch (item 102 of Fig 1) 
and further disclosed a method for checking the message for user names (user 
identification) and URL (domain names) by the DNS to process the request from host 
(col 12, lines 50-67, col 13, lines 1-24, Figs 1-2). 

With respect to applicant's argument for independent claims 1 , 9 and dependent 
claims, that Droms does not teach or suggest a method of developing an access control 
list, however, the examiner respectfully disagrees and points applicants to reference, 
where Droms disclosed a method for maintaining the access list and further disclosed 
adding IP addresses to the list for controlling the access (col 13, lines 1-24) to process 
the requests from hosts. 

With respect to applicant's argument for independent claims 1 , 9 and dependent 

claims, that Droms does not teach or suggest converting user names into corresponding 
IP and physical addresses according to data in the enhanced access control list. 
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However, the examiner respectfully disagrees and points applicants to reference, where 
Droms disclosed mapping (converting) physical address (MAC) and logical addresses 
(IP) for identifying the source and destination address of the request and response 
messages that is processed by the gateway (col 15, lines 60-67, col 16, lines 1-61). It is 
also well known in the art that such mapping of physical to logical address (or vice- 
versa) to convert physical to logical address in access lists to route the response 
messages during authentication and authorization process. 

With respect to applicant's argument for independent claims 1 , 9 and dependent 
claims that Donaldson does not teach or suggest converting user names into 
corresponding IP and physical addresses according to data in the enhanced access 
control list. However, the examiner respectfully disagrees and points applicants to 
reference, where Donaldson discloses a method of mapping physical LAN interface 
(physical address) to logical interfaces (IP address) and physical to logical address (or 
vice-versa) mapping by the router (col 13, lines 18-49). Also Donaldson further 
disclosed a method for dynamically updating and storing the IP addresses in access list 
for performing access verification during the address lookup process (col 9, lines 4-18, 
CO 19, lines 37-54). 

With respect to applicant's arguments for claims 18-25, the examiner agrees with 
the applicant's argument that the claims 18-25 are allowable as prior art fails to teach 
the claim limitation where fonA/arding circuit is operable to process the specific packets 
stored in the memory circuit using the enhanced access control list to generate the 
dynamic access control list and store the dynamic access control list in the memory 
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circuit, and therefore the allowability for claims 18-25 is indicated in this office action 
below. 

Allowable Subject Matter 

7. a) Claims 1 8-25 are allowed over prior art. 

The prior art fails to teach and render obvious the limitations for a network 
switching circuit as claimed in claims 18 and 22: 

"provide the specific packets on a processor port, and further operable to 
receive packets on one of a plurality of ports including the processor port and to 
forward each received packet to a port corresponding to a destination address 
contained in the packet subject to access restrictions contained in a dynamic 
access control list; a memory circuit coupled to the forwarding circuit, the 
memory circuit operable to store packets and operable to store an enhanced 
access control list and a dynamic access control list;" 

Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

9. Any inquiry concerning this communication or earlier communications should be 
directed to the attention to Venkatesh Haliyur whose phone number is 571-272-8616. 
The examiner can normally be reached on Monday-Friday from 9:00AM to 5:00 PM. If 
attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached @ (571)-272-7884. Any inquiry of a general 
nature or relating to the status of this application or proceeding should be directed to the 
group receptionist whose telephone number is (571 )-272-2600 or fax to 571 -273-8300. 

10. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 

applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http:/7palr-direct.uspto.qov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-21 7-91 97(toll-free). 
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